Hi [[ session.user.profile.firstName ]]

Cybersecurity CTFs: The power of competition in building attack-ready humans

Cybersecurity experiences must be constant to be effective. Like gamers, security experts are curious, creative individuals with a penchant for problem solving; our industry never stops moving, and neither should your team’s skill levels.
Now more than ever organizations are facing a challenge to keep their employees motivated. Cybersecurity CTFs are the way to go: there are prizes, it's fun, and at the end of it you gain kudos for getting the token first.
But how do you turn a CTF event into a learning experience? How can organizations benefit from CTF events and ingrain them in their cybersecurity strategy?
Join Immersive Labs on 11th February at 3PM GMT (10AM ET) for our "Cybersecurity CTFs: The Power of Competition in Building Attack-ready Humans" webinar, and discover how you can tool up your team with a hacker mindset.
Recorded Feb 11 2021 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Kevin Breen, Max Vetter, Chris Pace
Presentation preview: Cybersecurity CTFs: The power of competition in building attack-ready humans

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Cybersecurity CTFs: The power of competition in building attack-ready humans Recorded: Feb 11 2021 59 mins
    Kevin Breen, Max Vetter, Chris Pace
    Cybersecurity experiences must be constant to be effective. Like gamers, security experts are curious, creative individuals with a penchant for problem solving; our industry never stops moving, and neither should your team’s skill levels.
    Now more than ever organizations are facing a challenge to keep their employees motivated. Cybersecurity CTFs are the way to go: there are prizes, it's fun, and at the end of it you gain kudos for getting the token first.
    But how do you turn a CTF event into a learning experience? How can organizations benefit from CTF events and ingrain them in their cybersecurity strategy?
    Join Immersive Labs on 11th February at 3PM GMT (10AM ET) for our "Cybersecurity CTFs: The Power of Competition in Building Attack-ready Humans" webinar, and discover how you can tool up your team with a hacker mindset.
  • Experience Sunburst first hand with the experts Recorded: Dec 22 2020 57 mins
    Chris Pace, Kev Breen, Sean Wright
    In a world built on software, the fallout from Sunburst is an example of the importance of a secure SDLC. With a few more checks and balances, nation-state actors might not have been able to weaponize the SolarWinds application and bend it to their will and compromise everything from Government entities to tech companies.

    Join our Director of Cyber Threat Research, Kev Breen, and Sean Wright, Lead Application Security SME, as they demonstrate a series of labs on this unprecedented threat to organizations. By starting with foundational concepts and moving through to detailed hands-on simulations, you will learn firsthand the critical lessons underlined by the attack on Solarwinds. Using the gamified Immersive Labs platform, you will be guided through a five-part series, featuring:

    1) Compromising SolarWinds NMS – Theory: What is an NMS, why is it a target and how was it attacked?
    2) Who is Cozy Bear – Theory: Using MITRE, understand how the infamous UNC2452 threat actor operates
    3) Build Server Investigation – Practical: Our experts use our platform to simulate being a threat hunter and show how to review a build server and pipelines to identify malicious code injects
    4) IOC Investigation – Practical: We walk through the indicators of compromise to demonstrate how to review your NMS host and identify if it has been infected
    5) Malware Investigation – Practical: Kevin and Sean step into the shoes of a threat hunter, analyse the Sunburst malware to understand further IoCs, and discern what suspicious network activity looks like

    You can access these practical hands-on experiences for yourself from Immersive Labs Community here: https://community.immersivelabs.online/browse/category/cyber-threat-intelligence/sunburst-supply-chain-compromise
  • Out in the Cold: The Cyber Nightmare Before Christmas Recorded: Dec 17 2020 67 mins
    Chris Pace, Paul Bentham, Kev Breen
    Should you ever pay the ransom? What if it were a matter of life and death?

    In the peak of a brutal winter and a global pandemic, power distribution company EXCEL gets hit by not one, but two Netwalker ransomware attacks, causing power-outs across the country. It’s up to you to prioritise tasks, appoint leaders, push out comms, and of course decide whether to pay the malicious hackers. Most importantly, will you be able to prevent fatalities?

    In our final Cyber Crisis Simulator webinar of 2020, you’ll work with Chris, Paul and Kev from Immersive Labs to get EXCEL’s systems back up and running again as quickly – and efficiently – as possible. Using Immersive Labs’ Cyber Crisis Simulator and technical labs, you’ll be a part of the life or death decision-making process that will determine whether this year’s holiday season is dark and cold or merry and bright.

    Outcomes:

    - See the impact of the human element in incident management and response
    - Gain a greater understanding of how decisions in a breach scenario have a business-wide impact
    - Experience Netwalker via one of our technical labs
  • Intro to Immersive Labs for Development and Engineering Recorded: Nov 25 2020 47 mins
    Max Vetter, Sean Wright, Taylor Mowat
    People often assume that application security, or AppSec, focuses solely on the security involved in the development of an app or service.
    Wrong! Sure, this is a vital part of it, but there are several other areas that are just as important as the code used in development:

    -Design
    -Operations
    -Testing
    -Deployment
    -Maintenance

    AppSec ultimately covers the security of an app from inception to deployment, use and maintenance; it’s a process spanning the application’s lifetime and you must be there every step of the way.
    Join our webinar on 25th November at 3pm GMT to find out what Immersive Labs has to offer for Development and Engineering teams in your organization.

    Hear from Chief Cyber Officer, Max Vetter, Lead Application Security SME, Sean Wright, and Senior Content Engineer, Taylor Mowat, as he shows us around the new lab formats for Application Security.

    You’ll emerge with an understanding of:

    -The challenges of building secure applications
    -The risks in getting the balance between productivity and security wrong
    -How Immersive Labs is bridging the gap between cyber and engineering teams
    -What is on our roadmap for AppSec
  • Threats at the Kitchen Table: Balancing Security & Usability In Remote Workforce Recorded: Oct 7 2020 59 mins
    Chris Pace; Technology Advocate, Immersive Labs / Paul Bentham; Chief Product Officer, Immersive Labs
    The tightrope between security and usability is nothing new, but recent events have propelled it to the fore. When the corporate world was forced out of offices and into kitchens, studies and bedrooms, businesses had to peer under every rug for the remote working policies and plans they should have made. Now, as the second wave of *you know what* begins, it’s clear that balancing remote working and cybersecurity is a perennial issue – and it’s here to stay.

    In Immersive Labs’ latest crisis simulation, your organization faces an imminent switch to 100% remote working – and it’s up to you to make it happen. As Head of IT for a wealth management firm, you have to balance the cybersecurity needs of the business with operations and efficiency, while preparing a workforce that has never worked remotely to make the switch. Join Chris Pace, Tech Advocate, and Paul Bentham, Chief Product Officer, as they navigate the balancing act that businesses around the world are now facing.

    For many, lockdown was a trial by fire – and it’s *still* not over. While the world is tentatively opening its doors again, governments are ready to slam them shut at any moment. Short term fixes must now face the test of time as offices fall quiet once more.

    In this webinar, we turn those short-term band-aids into long-term solutions. When your IT estate is scattered across kitchen tables and sofas, how do you keep it safe and secure? When team members can’t see IT about a dodgy email, how do you encourage best-in-class security practices? When your workforce has never worked remotely, how do you balance productivity with security?

    As the scenario unfolds, you’ll get your say on how the team should prepare. You’ll see the impact of your decisions on factors like operational effectiveness, security and comms quality. You’ll emerge with an understanding of:

    - The challenges facing businesses and security teams
    - The risks in getting the balance wrong
    - The importance of communication
  • Episode 16: The Kids That Took Twitter | Cyber Humanity Podcast Recorded: Aug 19 2020 27 mins
    Chris Pace, Kev Breen, Paul Bentham, Max Vetter
    As you might have guessed from the title, the Twitter hack is the focus of this episode – specifically, the kids behind the attack. Why are youngsters so much more likely to turn to cyber crime? How can we guide them onto a more ethical path, while still giving them the opportunity to explore their incredible cyber talents?

    Kev shares a blast from the past and tells us about his path to cyber. Buckle up, because it’s a good’un! Of course, he maintains that he’s stayed firmly away from any shades of grey during his early cyber years. We totally believe you, Kev!

    We couldn’t cover the Twitter hack story without discussing the somewhat salacious interlude during the court case. How is it that Max can’t even share his screen on Zoom due to security restrictions, but someone can get onto a major court case and share porn?

    Finally, and most importantly, we puzzle over why these kids merited an entire task force when there are entire criminal organizations out there monetizing malware and doing real harm. Tune in to find out!

    ***

    About the Cyber Humanity Podcast

    Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev, Kev is a cyborg.

    These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.

    Join Chris Pace, Kev Breen, Max Vetter, and Paul Bentham as they wend their way through the murky world of Cyber Humanity.
  • Cyber Crisis Simulator: You're in control Recorded: Aug 18 2020 51 mins
    Chris Pace, Tech Advocate at Immersive Labs; Phil Venables, CISO at Goldman Sachs
    Another day, another breach. Businesses have never been more acutely aware of the increased likelihood of data being compromised as a result of a cyberattack. Formulating response plans and crafting policies are top of mind for security and risk professionals, but these efforts can never really factor in the human element when the worst happens. How do time and pressure impact on decision-making? How can organizations be sure that the right people are involved in breach response and know what the wider business impact is?

    This webinar replays an incident simulation based on a recent real-world cyberattack. Attendees were in control of how a fictional company reacted to technical, business and risk challenges in near real-time. This session was designed to simulate the tightrope to be walked in responding to a breach when dealing with technical attribution, public relations, legal obligations and more.

    • See the impact of the human element in data breach response
    • Gain a greater understanding of how decisions in a breach scenario have a business-wide impact
    • Examine missteps in responses to recent highly publicized breaches
    • And more

    Discover more about Immersive Labs' Cyber Crisis Simulator at https://www.immersivelabs.com/labs-and-content/cyber-crisis-simulator/
  • Hackers Have First-Move Advantage - How Can We Equip To Respond? Recorded: Jun 18 2020 41 mins
    Max Vetter
    An attacker's first-move advantage clearly comes down to their rapid innovations, meaning security teams always have to operate reactively. Like forest fires, cyber-attacks are devastating and unpredictable; and like firemen, defenders can only race to the scene. But by the time they arrive, the damage is usually done.

    But what if you could flip the script? What if the defenders were empowered to innovate as rapidly as the attackers to stay ahead of the threat?

    In this webinar, Max Vetter, Chief Cyber Officer at Immersive Labs, explores this topic and number of others, including:
    - How human readiness can be mapped to the risks that organizations face
    - The advantages of skills content that incorporates real threat intelligence, real tools and real techniques
    - The importance of a "security-first" approach to upskilling teams across many roles, including IT, DevOps, project management

    View this webinar today and discover strategies to stay one step ahead of the threats
  • Introducing Cyber Crisis Sim: A live scenario Recorded: Jun 18 2020 53 mins
    Chris Pace, Technology Advocate at Immersive Labs
    When the worst happens not even the best incident response plans can account for the human element. You might know how your tech will work under pressure but what about you and your people?

    Immersive Labs Cyber Crisis Simulator throws decision-makers into an emerging attack scenario. You’ll be able to experience how human psychology plays its part in an evolving crisis and see the impact of decisions made under pressure in real time.
  • Episode 1: Travelex: A post-mortem | Cyber Humanity Podcast Recorded: Jun 2 2020 32 mins
    Chris Pace, Kev Breen, Paul Bentham, Max Vetter
    At the dawn of 2020, foreign exchange company Travelex had something of a New Year cyber nightmare. In this episode we discuss what happened, how they responded and whether paying the ransom is ever the right thing to do.

    About Cyber Humanity
    There's a lot of cool techy stuff going down in cybersecurity, and we love it. But you can't deny that a lot of the time we humans get forgotten. Our podcast takes a not-so-serious look at issues in security from a human point of view. Covering social engineering to hacker motivations and everything in between, we chat through security stories and themes and what they mean to us: the oft-neglected humans behind the screen. Apart from Kev, Kev is a cyborg.

    These weekly podcasts come in two main flavors. We’re either ranting about themes close to the heart of us security types, or we’re discussing threats and vulnerabilities that have hit headlines – or slipped under the radar – in recent weeks.

    Join Chris Pace (tech advocate and keeper of the coloring pencils), Kev Breen (pro blue teamer, also known as 'Mr Nothing to CVE here...'), Max Vetter (former dark web detective and pretty cool guy), and Paul Bentham (ex-gov. type and Immersive Labs product guru) as they wend their way through the murky world of Cyber Humanity. Tune in for more episodes here: https://www.immersivelabs.com/resources/podcast/
  • "What exactly do you do here?”: Defining Cybersecurity Roles with NIST NICE. Recorded: Mar 11 2020 30 mins
    Chris Pace
    It’s been too easy in recent times to lay the recruitment struggles of the cybersecurity industry at the door of the so-called skills gap. The real challenge is more complex. Businesses looking to recruit, for example, may be averse to paying top dollar for a self-taught ‘hacker’ with no college degree. The same applies to those aspiring to move into entry-level roles who may have taken useful and effective hands-on training but have no way of differentiating themselves when they lack formal experience.

    To address some of these issues, the US National Institute of Standards and Technology (NIST) has built the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. It can improve the way organizations identify, recruit, develop and nurture cybersecurity talent by helping them to interpret their workforce and identify skill gaps. In this webinar, we’ll introduce the framework and talk about the advantages of implementing it in forward-thinking security teams.
  • The Cybersecurity Certifications Paradox Recorded: Jan 29 2020 25 mins
    Chris Pace, Technology Advocate at Immersive Labs
    Why, despite the rapid pace of threats, do we still measure skills with paper?

    We’re part of an industry that wears its rapid pace of change as a badge of honour. There’s no question that cybersecurity demands a constantly evolving skill set.

    Current predictions put the number of open security roles at 3.5 million by 2021; it’s impossible for all of those individuals to attend days of classroom training to validate their knowledge. At the other extreme, googling the latest breach currently qualifies as training in thinly spread teams.
  • Aligning the MITRE ATT&CK Framework to Cyber Skills Recorded: Oct 24 2019 27 mins
    Chris Pace, Technology Advocate at Immersive Labs
    MITRE ATT&CK™ has become the go-to framework in understanding and visualizing cyber threats and risk. Today its application in identifying the effectiveness of security technologies and processes is widespread, but there are also huge potential advantages in mapping the skills of security teams with threat actor tactics and techniques in ATT&CK.

    In this webinar, we’re taking a look at how MITRE ATT&CK is not just for bits and bytes, but for flesh and blood too. Learn how you can map your cyber tactics and techniques to the skills of your people, as well as how you can use the framework to bolster your security posture.
Human Readiness Against Evolving Cyber Threats
We empower organizations to increase, measure and demonstrate human capabilities in every part of their cybersecurity.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cybersecurity CTFs: The power of competition in building attack-ready humans
  • Live at: Feb 11 2021 3:00 pm
  • Presented by: Kevin Breen, Max Vetter, Chris Pace
  • From:
Your email has been sent.
or close